-
Happy Holidays and a Happy New Year from atsec
This year the motto for our Holiday greeting is “Bridges”, as it symbolizes much of what we do in our daily work. We bridge the difficult terrain of international and national standards between vendors and government agencies, so both parties can reach their respective goals. We bridge the…
-
Is working for atsec an option for me?
I’ve been with atsec for more than two years, and I am happy to be on board. But when I joined, I had some concerns. Coming from companies with thousands of employees and revenues in the billions, joining a company with less than one hundred employees worldwide and…
-
Reasonable or just possible?
A few days ago, I returned from my first business trip in months. I didn’t travel because I had to, but because I decided that it would be better to be on-site instead of handling the project remotely. And we are handling a lot of projects remotely at…
-
Sample Size in NIST SP800-90B
We invite you to watch this presentation by Richard Fant on Sample Size in SP800-90B.
-
Do Remote Site Visits Work?
While the home office has become a normality for many IT companies and operations during the pandemic, the requirements for security evaluation, certifications, accreditations, and other approvals have remained constant. Site visits at the development sites are required to achieve the approval of certification and accreditation. How could…
-
atsec China adds PCI CPSA (Logical and Physical) Assessor Qualifications
atsec China has been qualified by PCI SSC (Payment Card Industry Security Standards Council) as a Card Production Security Assessor (CPSA) Company to validate an entity’s adherence to the PCI Card Production and Provisioning Logical Security and Physical Security Requirements (two separate security standards). Currently atsec provides the…
-
Reflections on Security Assurance
Some reflections on security assurance, how it can be achieved and verified, from the view of an evaluation lab. Security assurance is usually hard to grasp and sometimes we have seen there is the misconception how it can be achieved. One of the early milestones in understanding assurance…
-
The genesis of atsec’s name, logo, and websites
When atsec was about to be founded, one of the first questions the founders (a German, an Italian, and a Swede) had was which name would best represent the company’s approach to information security, but more importantly, whether the domain would be available. Here is the list of…
-
atsec Scholarship Connects Logic and Cryptography
The two most repeated terms at the NIST Entropy Workshop held on April 27-29 are “mathematical model” and “justification.” That brought me back to my college days at Peking University where I first studied Mathematical Logic. Logic is all about valid rules of inference. Mathematical logic applies the techniques of…
